Yes. I'd expect Neo900 is of the few devices that are not vulnerable to this kind of attack at all.
The worst bunch is anything with integrated SOC running baseband having shared memory access with main CPU.

However, I personally feel that it is significantly higher risk to get your device infected with "standard" malicious SW having nothing to do with BB or 3G stack. There exist loads of crap especially for Androids aiming for that.

True, there currently being no device that does detect it
(as I believe cryptophone is still vaporware...)

IMSI Catcher Detector for Android, as far as I understand it, uses geolocation databases to check if the BTS with with CID/LAC like the one you're connected with could be around the place you're at, and if not, then it marks it as IMSI catcher.

__________________Sebastian Krzyszkowiak - https://dosowisko.net/
Long term Openmoko supporter. Owner of two Neo Freerunners, a few N900s and some others too.
Future owner of the Neo900

Me and my friend bought cryptophones at the start of this year because we're stupid with money like that and we didn't have the patience to wait for the Neo900 (he's gonna get one too though, I would too but my finances aren't in a state to support it...).
I can answer any questions you might have about them to the best of my ability.
We got GSMK CryptoPhone 500's, they have actually 2 firewalls, an IP and a baseband one. The baseband firewall seems to be related to what you're ideating for Neo900, it keeps watch of the modem and inconsistencies between its and the OS's activity. The IP firewall at least kept preventing me from establishing a connection to a meterpreter shell I installed on the phone. When I was traveling in Norway at one point the baseband firewall started warning about IMSI-catchers or something of the sort, I assume this was related to the NATO military bases there
The phones have a variety of other features but my short summary of them would be a overly expensive gadget marketed for governments.